[ckan-dev] Restricting Access to Private Resources on CKAN
Sajan Ravindran
sajanravindran at gmail.com
Thu Jan 30 19:12:13 UTC 2014
Nigel,
Just was curious, was there any specific design or technical reason why the
support for S3 or Google Cloud is being removed in 2.2 ?
Would be great if you could me know as it would make the decision of
choosing alternatives for storage a bit easier.
Thanks again!
Regards,
Sajan
On Thu, Jan 30, 2014 at 9:47 AM, Sajan Ravindran
<sajanravindran at gmail.com>wrote:
> Thank you Nigel. Was not aware of this. I will try out the solution
> suggested by Steve, otherwise will wait for the release next week and make
> the corresponding changes for storage,
>
>
> On Thu, Jan 30, 2014 at 1:36 AM, Nigel Babu <nigel.babu at okfn.org> wrote:
>
>> We are aware of this problem and this is why the filestore was changed in
>> 2.2 (to be released next week). The new filestore checks if the user
>> accessing a file is logged in and if they have access. However, it doesn't
>> support S3 or Google Cloud anymore because of the implementation change.
>>
>> Nigel Babu
>>
>> Developer | @nigelbabu <https://twitter.com/nigelbabu>
>>
>> The Open Knowledge Foundation <http://okfn.org/>
>>
>> Empowering through Open Knowledge
>>
>> http://okfn.org/ | @okfn <http://twitter.com/OKFN> | OKF on Facebook<https://www.facebook.com/OKFNetwork> |
>> Blog <http://blog.okfn.org/> | Newsletter<http://okfn.org/about/newsletter>
>>
>> CKAN | http://ckan.org/ | @CKANproject <http://twitter.com/CKANproject>|the world's leading open-source data portal platform
>>
>>
>> On 29 January 2014 23:00, Sajan Ravindran <sajanravindran at gmail.com>wrote:
>>
>>> Hi,
>>>
>>> We have currently a setup of CKAN ( 2.1 ) on EC2 and have the filestore
>>> installed on S3. Currently, the data which we have is a combination of
>>> public and private ( as it needs to be verified ). We are running into an
>>> issue with the private resources.
>>>
>>> Though access to the private resources is restricted via CKAN, once
>>> someone gets access to the S3 url of CKAN's filestore, the resource gets
>>> easily downloaded. We are especially concerned about this as this data is
>>> unverified. Is there any way by which downloading resources via this URL
>>> can be restricted without affected CKAN's functionality?
>>>
>>> Any help would be greatly appreciated.
>>>
>>> Thanks,
>>> Sajan
>>>
>>> _______________________________________________
>>> ckan-dev mailing list
>>> ckan-dev at lists.okfn.org
>>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>>>
>>>
>>
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20140130/6643b9b3/attachment-0003.html>
More information about the ckan-dev
mailing list